Add strict validation to snippet file names

Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>

Add strict validation to snippet file names
Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
f28a12a5 · Dmitriy Zaporozhets · 9a3ae331 · f28a12a5
Commit f28a12a5 authored Dec 12, 2014 by Dmitriy Zaporozhets
Hide whitespace changes
Inline Side-by-side

Showing with 4 additions and 2 deletions

app/models/snippet.rb app/models/snippet.rb +4 -2

No files found.
--- a/app/models/snippet.rb
+++ b/app/models/snippet.rb
@@ -29,7 +29,9 @@ class Snippet < ActiveRecord::Base

  validates :author, presence: true
  validates :title, presence: true, length: { within: 0..255 }
-  validates :file_name, presence: true, length: { within: 0..255 }
+  validates :file_name, presence: true, length: { within: 0..255 },
+            format: { with: Gitlab::Regex.path_regex,
+                      message: Gitlab::Regex.path_regex_message }
  validates :content, presence: true
  validates :visibility_level, inclusion: { in: Gitlab::VisibilityLevel.values }

@@ -72,7 +74,7 @@ class Snippet < ActiveRecord::Base

  def visibility_level_field
    visibility_level
-  end 
+  end

  class << self
    def search(query)